Biometric authentication is a technique for enabling individual authentication using information about the physical characteristics and the behavioral characteristics of a human. Human physical characteristics include fingerprints, veins, irises, and the face for example. Behavioral characteristics include handwriting and gait for example. Biometric information called a template is obtained beforehand and authentication is carried out by comparing the obtained biometric information and information obtained by a sensor during matching.
Recently, a biometric authentication technique has been seen in which a template that has undergone some type of conversion is stored in a database and used in comparison without recovering, during the matching, the original template obtained. This biometric authentication technique is called “template protection-type biometric authentication”. A system that uses this template protection-type biometric authentication technique does not permit the use of a leaked template and is able to inhibit access to a leaked template by changing the conversion method when a converted template has been leaked.
A template protecting method called key binding is known among the template protection-type biometric authentication techniques. The key binding method is a method for protecting a template and a key unique to a user by binding the template that indicates the biometric information and the key. When registering biometric information with the key binding method, the user inputs the biometric information and the user's unique key and a server registers the information, as a secure template in a database, in which the biometric information and the key are bound. When matching the biometric information, the user inputs the biometric information and the server matches the input biometric information and the secure template and extracts the user's unique key when the information and the secure template are near enough.
A technique in which the key binding method is achieved through lattice element adding is known as one technique for implementing the key binding method (see Yuka SUGIMURA, Masaya YASUDA, Shigefumi YAMADA, Narishige ABE, Takashi SHINZAKI, “A proposal of key binding technology using lattice masking”, ISEC-IEICE Technical Report, Information and Communication system security, vol. 113, no. 135, pp. 297-304). With this technique, a secure template that differs according to each system may be created from the same biometric information and key and unconcealed biometric information does not have to be transmitted to the server during registration and during matching.
Another technique for implementing the key binding method is known that involves methods such as fuzzy commitment or fuzzy vault that make use of an error-correcting code technique. Fuzzy commitment and fuzzy vault are known to share a common portion of auxiliary information created from the template and the user's unique key for the same biometric information. Fuzzy commitment and fuzzy vault are known to involve transmitting unconcealed biometric information to the server during registration and during matching.